Protect a document on behalf of another user

AEM Forms Document Security Java SDK provides APIs to allow a user account to protect a document on behalf of another user without attaining the permissions to edit the document. You can use the APIs in a workflow process or programmatically as a document service. The new APIs are:

protectDocumentUse the ProtectDocument API to apply a policy to a document on behalf of
another user account. Permissions of the user account used to apply the policy remain limited to protecting the document. It does not attain rights to open and view the document. RMSecureDocumentResult protectDocument(Document inDoc, String documentName, String policySetName, String policyName, RMLocale locale, boolean bExactMatchForNames)

createLicenseUse the CreateLicense API to create a license for a policy on behalf of another user account. PublishLicenseDTO createLicense(String policyId, String documentName, boolean logSecureDocEvent)

protectDocumentWithCoverPageUse the ProtectDocumentWithCoverPage API to apply a policy and add a cover page to a document on behalf of another user. Permissions of the user account used to apply the policy remain limited to protecting the document. It does not attain the rights to open and view the document. RMSecureDocumentResult protectDocumentWithCoverPage(Document inDoc, String documentName, String policySetName, String policyName, Document coverDoc, boolean bExactMatchForNames)

Using the APIs to protect a document on behalf of another user

Perform the following steps to protect a document on behalf of another user and without attaining the permissions to edit the document:

Create a policy set. For example, PolicySet1.

Create a policy in the newly created policy set. For example, Policy1 in PolicySet1.

Create a user with role Rights Management End User. For example, User1. Provide the permissions to view documents protected using Policy1 to the newly created user.

Create a new role. For example, Role1. Provide the Service Invoke permission to the newly created role. Create a user with newly created role. For example, User2.You can use User2 or an administrator to create SDK connection and invoke the protectDocument service.

Now, you can run the following sample code to protect a document without providing permissions to edit the document to the user protecting the document: